Shared Threats: Web Application Vulnerabilities and the z/OS Environment

Описание к видео Shared Threats: Web Application Vulnerabilities and the z/OS Environment

Bonus session for TechXchange featuring Michelle Eggers, Security Consultant at NetSPI.

Over the years mainframe developers have seen fit to make almost everything a web app. From Abend Aid to z/OSMF, there’s no avoiding web apps on your mainframe. Even internally as companies modernize their mainframe, they’re opening web APIs and web pages for other systems to consume and with the growing presence of web applications on mainframes, new risks are introduced. Unfortunately, the threats that exist for these web-based environments may be lurking in the shadows of the unexamined mainframe as well. This talk will explore some well-established approaches to web app penetration testing methodology, cover several of the most frequently seen vulnerabilities, and discuss how these vulnerabilities could potentially lead to a compromise of the z/OS environment. Vulnerabilities covered in this talk will be based on OWASP top 10 vulnerabilities with a z/OS twist.

Комментарии

Информация по комментариям в разработке